package samsung.sds.system.intercepter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

public class SessionTimeOutIntercepter extends HandlerInterceptorAdapter  {
	
	 
	private String sessionAttribute;
	
	public String getSessionAttribute() {
		return sessionAttribute;
	}

	public void setSessionAttribute(String sessionAttribute) {
		this.sessionAttribute = sessionAttribute;
	}
	 
	 
	
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
		 if (SecurityContextHolder.getContext().getAuthentication()
					.getPrincipal() instanceof String)//判断session里是否有用户信息  
	      {
	       if (request.getHeader("x-requested-with") != null  
	           && request.getHeader("x-requested-with")  
	               .equalsIgnoreCase("XMLHttpRequest"))//如果是ajax请求响应头会有，x-requested-with；  
	       {  
	         response.setHeader(getSessionAttribute(), "timeout");//在响应头设置session状态
	         return true;
	       }
	      }
		 return true;
	}
 

}
